We've been talking about the dangers of Facebook and Twitter for a couple of years now [1], [2], [3], [4], [5], [6].

This seems to be bringing back to the forefront the argument of locking down business networks to prevent access to these sites. Previous arguments have usually been limited to productivity drains, but as malware on these sites rise, security should be the overriding concern. The potential for information leaks from employees posting to these sites is increasing, as well as the possible damage from malware being sent from a corporation's compromised network. And there's still the whole cybersquatting issue, which also seems to be rising. There are companies that have been targeted with fake Facebook and Twitter profiles, which could potentially damage the company's reputation.

With these considerations, should businesses lock down access to these sites at the risk of upsetting their employees?

About the author

Beth Jones
Senior Threat Researcher, SophosLabs US
Beth manages the day-to-day research and analysis activities of incoming suspicious malware threats that arrive in SophosLabs via customers, partners and prospects. Beth has worked in Sophos's Boston lab for more than five years and brings nearly a decade of network security experience to Sophos.